Thanks much for the explanations on how this data is laid out. My first attempts at using the key I generated on my hardware platform were unsuccessful.
Stepping back, I thought I would use openssl to create a sect163k1 encrypted SHA1 digest of my test file and then verify it. I have been able to do this successfully executing the following commands: sudo openssl ecparam -genkey -name sect163k1 -out testkey.pem openssl ec -in testkey.pem -pubout -out testkeypub.pem openssl dgst -ecdsa-with-SHA1 -sign testkey.pem -out testdigest lockex.bin openssl dgst -ecdsa-with-SHA1 -verify testkeypub.pem -signature testdigest lockex.bin At this point I tried to use the openssl generated key to generate an encrypted digest of my test file using a tool provided by my hardware vendor. (A derivative of the Miracl ecsign program.) After extracting the private key from the testkey.pem file and putting it into the vendor's tool file format, the vendor tool generated digest ends up looking like: E39C9EEB4A60BFAF93235B376E9E54883C127BC403000000 F4760E34AC2ECB484B2DFF06E87113C9F1F9F99F02000000 The digest generated by openssl looks like: $ hexdump testdigest 0000000 2e30 1502 8101 6c91 034a 1613 8b89 a2b9 0000010 d691 d3d0 dd7d 2c7b 023e 0315 24c9 9a3c 0000020 8042 342c cf41 cec6 057b a830 f1fc 0349 I realize that these will be different as they are seeded by different random numbers. However, digests produced by the vendor's tool consistently have data that appears to be a X-Y coordinate (i.e. 0's at the same place in the digest: halfway through and at the end) while the digest produced by openssl is truly random. Am I misreading this or is this significant? Is the digest generated by openssl encoded in some sort of format or is it truly random as I expect? Thanks Doug Bailey ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
